Check Point Security Advisory
»Top Protections

Two Windows Media Playback Vulnerabilities Could Allow Remote Code Execution
MS12-004CVE-2012-0003CVE-2012-0004 )
Two vulnerabilities in Microsoft Windows' media playing functionality could allow a remote attacker to take control of a targeted system and execute arbitrary code. One of these issues, which relates to how Media Player handles MIDI files, is ranked Critical, while the other concerns DirectShow's improper parsing of media files and is ranked High. The Check Point IPS Software Blade provides network protection against both vulnerabilities. Learn More .

Check Point Provides Network Protection against Microsoft Windows Packager Vulnerability
MS12-005CVE-2012-0013 )
A remote code execution vulnerability has been reported in how the Windows Object Packager loads "ClickOnce" applications that are embedded in Microsoft Office files. Successful exploitation could allow an attacker to run arbitrary code on the targeted system in the context of the current user.  The Check Point IPS Software Blade provides protection at the network level against this issue. Learn More .

Insecure Executable Launching Vulnerability Found in Microsoft Windows Object Packager
Microsoft Security Bulletin MS12-002CVE-2012-0009 ) A remote code execution vulnerability has been discovered in the Windows Object Packager. An attacker could exploit this issue and cause the execution of arbitrary code on a targeted system. The Check Point IPS Software Blade provides protection against this problem at the network level. Learn More .

January 10, 2012
In This Advisory
Top Protections
Two Windows Media Playback Vulnerabilities Could Allow Remote Code Execution
Check Point Provides Network Protection against Microsoft Windows Packager Vulnerability
Insecure Executable Launching Vulnerability Found in Microsoft Windows Object Packager
Highlighted Protections
Including Patch Tuesday

Contact Us

IPS Software Blades

Learn About Our Endpoint Security

Update Services - Buy Now

» Highlighted Protections

This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.

Severity Vulnerability Description Check Point Protection
Issued
Industry Reference Check Point Reference
Number
CriticalCritical Microsoft Windows Media Player MIDI Code Execution 10-Jan-2012 CVE-2012-0003 CPAI-2012-014
CriticalHigh Microsoft Windows DirectShow Filters Remote Code Execution 10-Jan-2012 CVE-2012-0004 CPAI-2012-019
CriticalHigh Microsoft Windows Assembly Execution Vulnerability 10-Jan-2012 CVE-2012-0013 CPAI-2012-018
CriticalHigh Microsoft Windows Object Packager Insecure Executable Launching 10-Jan-2012 CVE-2012-0009 CPAI-2012-016
CriticalHigh Microsoft AntiXSS Library Bypass Information Disclosure 10-Jan-2012 CVE-2012-0007 CPAI-2012-017
CriticalHigh Preemptive Protection against SSL and TLS Protocols Information Disclosure 10-Jan-2012 CVE-2011-3389 CPAI-2012-020

More Updates >
Have questions about IPS?
IPS ForumParticipate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted.
Know someone who should be getting the Advisories?

Subscribe to Security Alerts and Advisories

» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information through an update service included with the relevant subscriptions. Updates from Check Point's global Research and Response Centers increase the value of your Check Point products, and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. For more information, visit www.CheckPoint.com.
Read Check Point's Privacy Policy
©2003-2014 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
959 Skyway Rd, Suite 300, San Carlos, CA 94070